Poebot.GA

It allows to gain remote access to the affected computer.
It captures certain information entered or saved by the user, with the corresponding threat to privacy.
It causes the loss of information stored on the computer, either specific files or data in general.
It affects the productivity of the computer, the network to which it’s connected or other remote sites.
It carries out actions that decrease the security level of the computer.
It does not spread automatically using its own means.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95/3.X

First detected on:

Nov. 24, 2005

Detection updated on:

Nov. 24, 2005

Statistics

No

Proactive protection:

Yes, using TruPrevent Technologies

Brief Description

Poebot.GA is a backdoor that allows hackers to gain remote access to the affected computer in order to carry out actions that compromise user confidentiality and impede the tasks performed on the computer.

Poebot.GA redirects attempts to access web pages of certain banks to spoofed pages, with the aim of logging information entered by the user in these pages.

Poebot.GA redirects attempts to access several web pages to a specific IP address.

Poebot.GA does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.